@abtnode/core 1.16.17-beta-2679e686 → 1.16.17-beta-6f0c7674

package/lib/api/team.js

@@ -1,5 +1,7 @@
 const { EventEmitter } = require('events');
 const pick = require('lodash/pick');
+const defaults = require('lodash/defaults');
+const cloneDeep = require('lodash/cloneDeep');
 const joinUrl = require('url-join');
 
 const logger = require('@abtnode/logger')('@abtnode/core:api:team');
@@ -40,6 +42,7 @@ const { validateCreatePermission, validateUpdatePermission } = require('../valid
 const { getBlocklet } = require('../util/blocklet');
 const StoreUtil = require('../util/store');
 const { profileSchema } = require('../validators/user');
+const { callFederated } = require('../util/federated');
 
 const sanitizeUrl = (url) => {
   if (!url) {
@@ -1000,6 +1003,7 @@ class TeamAPI extends EventEmitter {
   async getPassportIssuance({ teamDid, sessionId }) {
     const state = await this.getSessionState(teamDid);
     const doc = await state.read(sessionId);
+    // FIXME: @zhanghan 指定被邀请者的邀请需要查询被邀请者的详细信息
     return doc;
   }
 
@@ -1315,6 +1319,10 @@ class TeamAPI extends EventEmitter {
     return this.teamManager.getUserState(did);
   }
 
+  getUserSessionState(did) {
+    return this.teamManager.getUserSessionState(did);
+  }
+
   getTagState(did) {
     return this.teamManager.getTagState(did);
   }
@@ -1329,6 +1337,148 @@ class TeamAPI extends EventEmitter {
   setInviteExpireTime(ms) {
     this.memberInviteExpireTime = ms;
   }
+
+  // user-session management
+  async getUserSession({ teamDid, userDid, visitorId }) {
+    const state = await this.getUserSessionState(teamDid);
+    const userState = await this.getUserState(teamDid);
+
+    const where = {
+      status: 'online',
+    };
+    if (userDid) where.userDid = userDid;
+    if (visitorId) where.visitorId = visitorId;
+
+    const userSessions = await state.model.findAll({
+      where,
+      attributes: ['id', 'appPid', 'userDid', 'visitorId', 'passportId'],
+      include: {
+        model: userState.model,
+        as: 'user',
+        attributes: ['did', 'sourceProvider', 'fullName', 'email', 'avatar', 'remark', 'sourceAppPid'],
+      },
+    });
+    return userSessions.map((x) => x.toJSON());
+  }
+
+  async getPassportById({ teamDid, passportId }) {
+    const userState = await this.getUserState(teamDid);
+    const passport = await userState.getPassportById(passportId);
+    return passport;
+  }
+
+  async getPassportFromFederated({ site, passportId, teamDid }) {
+    const blocklet = await getBlocklet({ did: teamDid, states: this.states, dataDirs: this.dataDirs });
+    const nodeInfo = await this.node.read();
+    const { permanentWallet } = getBlockletInfo(blocklet, nodeInfo.sk);
+
+    const result = await callFederated({
+      action: 'getPassport',
+      data: {
+        passportId,
+      },
+      permanentWallet,
+      site,
+    });
+
+    return result;
+  }
+
+  async upsertUserSession({ teamDid, appPid, userDid, visitorId, ua, lastLoginIp, sourceAppPid, passportId, status }) {
+    if (!userDid) {
+      throw new Error('userDid are required');
+    }
+
+    const state = await this.getUserSessionState(teamDid);
+    let data;
+    if (!visitorId) {
+      data = await state.insert({
+        userDid,
+        ua,
+        lastLoginIp,
+        appPid,
+        passportId,
+      });
+    } else {
+      const exist = await state.findOne({ userDid, visitorId, appPid });
+      if (exist) {
+        [, [data]] = await state.update(exist.id, { ua, lastLoginIp, passportId, status });
+      } else {
+        data = await state.insert({
+          visitorId,
+          userDid,
+          ua,
+          lastLoginIp,
+          appPid,
+          passportId,
+        });
+      }
+    }
+
+    if (sourceAppPid) {
+      const blocklet = await getBlocklet({ did: teamDid, states: this.states, dataDirs: this.dataDirs });
+      const nodeInfo = await this.node.read();
+      const { permanentWallet } = getBlockletInfo(blocklet, nodeInfo.sk);
+      const federated = defaults(cloneDeep(blocklet.settings.federated || {}), {
+        config: {},
+        sites: [],
+      });
+      const masterSite = federated.sites[0];
+      if (masterSite && masterSite.isMaster !== false && masterSite.appPid === sourceAppPid) {
+        await callFederated({
+          action: 'sync',
+          permanentWallet,
+          site: masterSite,
+          data: {
+            userSessions: [
+              {
+                action: 'login',
+                userDid,
+                visitorId: data.visitorId,
+                ua,
+                lastLoginIp,
+                appPid: teamDid,
+                passportId,
+              },
+            ],
+          },
+        });
+      }
+    }
+
+    return data;
+  }
+
+  async logoutUser({ teamDid, userDid, visitorId, appPid }) {
+    const state = await this.getUserSessionState(teamDid);
+    const data = await state.update({ userDid, visitorId, appPid }, { status: 'offline' });
+    const nodeInfo = await this.node.read();
+    const blocklet = await getBlocklet({ did: teamDid, states: this.states, dataDirs: this.dataDirs });
+    const { permanentWallet } = getBlockletInfo(blocklet, nodeInfo.sk);
+    const federated = defaults(cloneDeep(blocklet.settings.federated || {}), {
+      config: {},
+      sites: [],
+    });
+    const masterSite = federated.sites[0];
+    if (masterSite && masterSite.isMaster !== false && masterSite.appPid !== teamDid) {
+      callFederated({
+        action: 'sync',
+        permanentWallet,
+        site: masterSite,
+        data: {
+          userSessions: [
+            {
+              action: 'logout',
+              userDid,
+              visitorId,
+              appPid: teamDid,
+            },
+          ],
+        },
+      });
+    }
+    return data;
+  }
 }
 
 module.exports = TeamAPI;

package/lib/blocklet/manager/disk.js

@@ -1,5 +1,4 @@
 /* eslint-disable max-classes-per-file */
-/* eslint-disable no-underscore-dangle */
 /* eslint-disable no-await-in-loop */
 const fs = require('fs-extra');
 const path = require('path');
@@ -182,6 +181,7 @@ const {
   getSelectedResources,
   updateSelectedResources,
 } = require('../project');
+const { callFederated } = require('../../util/federated');
 
 const { formatEnvironments, getBlockletMeta, validateOwner, isCLI } = util;
 
@@ -3744,7 +3744,7 @@ class FederatedBlockletManager extends DiskBlockletManager {
    * @param {string} options.appUrl - 申请加入统一登录的 master appUrl
    * @returns {Promise<any>} 更新后的 blocklet 数据
    */
-  async joinFederatedLogin({ appUrl, did }) {
+  async joinFederatedLogin({ appUrl, did }, context) {
     const url = new URL(appUrl);
     // master service api 的地址
     url.pathname = joinUrl(WELLKNOWN_SERVICE_PATH_PREFIX, '/api/federated/join');
@@ -3818,7 +3818,7 @@ class FederatedBlockletManager extends DiskBlockletManager {
    * @param {string} options.did - blocklet pid
    * @returns {Promise<any>} 更新后的 blocklet 数据
    */
-  async quitFederatedLogin({ did }) {
+  async quitFederatedLogin({ did }, context) {
     const blocklet = await this.getBlocklet(did);
     const federated = defaults(cloneDeep(blocklet.settings.federated || {}), {
       config: {},
@@ -3839,21 +3839,17 @@ class FederatedBlockletManager extends DiskBlockletManager {
         },
         masterAppUrl: masterSite.appUrl,
       });
-      const url = new URL(masterSite.appUrl);
-      url.pathname = joinUrl(WELLKNOWN_SERVICE_PATH_PREFIX, '/api/federated/quit');
       try {
-        await pRetry(
-          () =>
-            request.post(url.href, {
-              signer: permanentWallet.address,
-              data: signV2(permanentWallet.address, permanentWallet.secretKey, {
-                memberPid: blocklet.appPid,
-              }),
-            }),
-          { retries: 3 }
-        );
+        await callFederated({
+          action: 'quit',
+          site: masterSite,
+          permanentWallet,
+          data: {
+            memberPid: blocklet.appPid,
+          },
+        });
       } catch (error) {
-        logger.error('Failed to quit blocklet, will still quit federated by itself', { error, did, url: url.href });
+        logger.error('Failed to quit blocklet, will still quit federated by itself', { error, did });
       }
     }
 
@@ -3872,7 +3868,7 @@ class FederatedBlockletManager extends DiskBlockletManager {
    * @param {string} options.did - blocklet pid
    * @returns {Promise<any>} 更新后的 blocklet 数据
    */
-  async disbandFederatedLogin({ did }) {
+  async disbandFederatedLogin({ did }, context) {
     const blocklet = await this.getBlocklet(did);
     const federated = defaults(cloneDeep(blocklet.settings.federated || {}), {
       config: {},
@@ -3899,22 +3895,17 @@ class FederatedBlockletManager extends DiskBlockletManager {
         .filter((item) => item.appPid !== did)
         .map((item) => {
           return limitSync(async () => {
-            const url = new URL(item.appUrl);
-            url.pathname = joinUrl(WELLKNOWN_SERVICE_PATH_PREFIX, '/api/federated/disband');
             try {
-              await pRetry(
-                () =>
-                  request.post(url.href, {
-                    signer: permanentWallet.address,
-                    data: signV2(permanentWallet.address, permanentWallet.secretKey, {}),
-                  }),
-                { retries: 1 }
-              );
+              await callFederated({
+                action: 'disband',
+                permanentWallet,
+                site: item,
+                data: {},
+              });
             } catch (error) {
               logger.error('Failed to disband blocklet, will still disband federated by itself', {
                 error,
                 did,
-                url: url.href,
               });
             }
           });
@@ -3937,7 +3928,7 @@ class FederatedBlockletManager extends DiskBlockletManager {
    * @param {object} param.config federated 配置内容
    * @returns {Promise<any>} 更新后的 blocklet 数据
    */
-  async setFederated({ did, config }) {
+  async setFederated({ did, config }, context) {
     await states.blockletExtras.setSettings(did, { federated: config });
 
     const newState = await this.getBlocklet(did);
@@ -3953,7 +3944,8 @@ class FederatedBlockletManager extends DiskBlockletManager {
    * @param {boolean} param.autoLogin 是否自动登录
    * @returns {Promise<any>} 更新后的 blocklet 数据
    */
-  async configFederated({ did, autoLogin = false }) {
+  // FIXME: @zhanghan deprecated 不再需要配置自动登录
+  async configFederated({ did, autoLogin = false }, context) {
     const blocklet = await this.getBlocklet(did);
     const federated = cloneDeep(blocklet.settings.federated || {});
     federated.config.autoLogin = autoLogin;
@@ -3970,7 +3962,6 @@ class FederatedBlockletManager extends DiskBlockletManager {
    * @param {object} param
    * @param {string} param.did master blocklet pid
    * @param {string} param.memberPid member blocklet pid
-   * @param {boolean} param.autoLogin 是否自动登录
    * @returns {Promise<any>} 更新后的 blocklet 数据
    */
   async auditFederatedLogin({ memberPid, did, status }) {
@@ -4028,31 +4019,24 @@ class FederatedBlockletManager extends DiskBlockletManager {
       roles = await this.teamManager.getRoles(blocklet.appPid);
     }
 
-    const postUrl = joinUrl(memberSite.appUrl, WELLKNOWN_SERVICE_PATH_PREFIX, '/api/federated/audit-res');
-
     logger.info('Audit member join federated login', {
       status,
-      postUrl,
     });
     try {
       const roleList = roles.map((item) => pick(item, ['name', 'title', 'description']));
-      await pRetry(
-        () =>
-          request.post(postUrl, {
-            signer: permanentWallet.address,
-            data: signV2(permanentWallet.address, permanentWallet.secretKey, {
-              masterPid: blocklet.appPid,
-              status,
-              delegation,
-              roles: roleList,
-            }),
-          }),
-        {
-          retries: 3,
-        }
-      );
+      await callFederated({
+        action: 'audit-res',
+        permanentWallet,
+        site: memberSite,
+        data: {
+          masterPid: blocklet.appPid,
+          status,
+          delegation,
+          roles: roleList,
+        },
+      });
     } catch (error) {
-      logger.error('Failed to post audit res to member-site', { error, did, url: postUrl });
+      logger.error('Failed to post audit res to member-site', { error, did });
       throw error;
     }
     await this.syncFederated({
@@ -4119,24 +4103,34 @@ class FederatedBlockletManager extends DiskBlockletManager {
       .filter((item) => item.appId !== federated.config.appId)
       .map((item) => {
         return limitSync(async () => {
-          const url = joinUrl(item.appUrl, WELLKNOWN_SERVICE_PATH_PREFIX, '/api/federated/sync');
           try {
             // NOTICE: 即使通知某个站点失败了，也不影响其他站点接收同步结果
-            await pRetry(
-              () =>
-                request.post(url, {
-                  signer: permanentWallet.address,
-                  data: signV2(permanentWallet.address, permanentWallet.secretKey, safeData),
-                }),
-              { retries: 3 }
-            );
+            await callFederated({
+              action: 'sync',
+              permanentWallet,
+              site: item,
+              data: safeData,
+            });
           } catch (error) {
-            logger.warn('Failed to sync federated sites', { error, did, url, action: 'sync' });
+            logger.warn('Failed to sync federated sites', { error, did, action: 'sync' });
           }
         });
       });
     await Promise.all(waitingList);
   }
+
+  async loginFederated({ did, site, data }) {
+    const blocklet = await this.getBlocklet(did);
+    const nodeInfo = await states.node.read();
+    const { permanentWallet } = getBlockletInfo(blocklet, nodeInfo.sk);
+    const result = await callFederated({
+      action: 'loginByMaster',
+      data,
+      permanentWallet,
+      site,
+    });
+    return result;
+  }
 }
 
 class BlockletManager extends FederatedBlockletManager {}

package/lib/index.js

@@ -269,6 +269,7 @@ function ABTNode(options) {
     configFederated: blockletManager.configFederated.bind(blockletManager),
     setFederated: blockletManager.setFederated.bind(blockletManager),
     syncFederated: blockletManager.syncFederated.bind(blockletManager),
+    loginFederated: blockletManager.loginFederated.bind(blockletManager),
     configNotification: blockletManager.configNotification.bind(blockletManager),
     updateWhoCanAccess: blockletManager.updateWhoCanAccess.bind(blockletManager),
     updateAppSessionConfig: blockletManager.updateAppSessionConfig.bind(blockletManager),
@@ -381,6 +382,13 @@ function ABTNode(options) {
     isConnectedAccount: teamAPI.isConnectedAccount.bind(teamAPI),
     switchProfile: teamAPI.switchProfile.bind(teamAPI),
 
+    // user-session
+    getUserSession: teamAPI.getUserSession.bind(teamAPI),
+    upsertUserSession: teamAPI.upsertUserSession.bind(teamAPI),
+    logoutUser: teamAPI.logoutUser.bind(teamAPI),
+    getPassportById: teamAPI.getPassportById.bind(teamAPI),
+    getPassportFromFederated: teamAPI.getPassportFromFederated.bind(teamAPI),
+
     // Tagging
     createTag: teamAPI.createTag.bind(teamAPI),
     updateTag: teamAPI.updateTag.bind(teamAPI),

package/lib/router/manager.js

@@ -18,6 +18,7 @@ const normalizePathPrefix = require('@abtnode/util/lib/normalize-path-prefix');
 const logger = require('@abtnode/logger')('@abtnode/core:router:manager');
 const { getProvider } = require('@abtnode/router-provider');
 const checkDomainMatch = require('@abtnode/util/lib/check-domain-match');
+const { isDidDomain } = require('@abtnode/util/lib/url-evaluation');
 const {
   DOMAIN_FOR_IP_SITE,
   DOMAIN_FOR_DEFAULT_SITE,
@@ -44,6 +45,7 @@ const { findWebInterface } = require('../util/blocklet');
 const { attachRuntimeDomainAliases, ensureLatestInfo } = require('./helper');
 const Router = require('./index');
 const states = require('../states');
+const { getDidFromDomainGroupName, updateNFTDomainRecord, revokeAndDeleteNFTDomainRecord } = require('../util/router');
 
 const checkPathPrefixInBlackList = (pathPrefix, extraBlackList = []) => {
   const blacklist = [
@@ -184,7 +186,7 @@ class RouterManager extends EventEmitter {
     return dbSite;
   }
 
-  async addDomainAlias({ id, domainAlias: tmpAlias, force }, context = {}) {
+  async addDomainAlias({ id, domainAlias: tmpAlias, force, type, nftDid, chainHost }, context = {}) {
     const domainAlias = await validateAddDomainAlias(tmpAlias, context);
     const dbSite = await states.site.findOne({ id });
     if (!dbSite) {
@@ -215,12 +217,26 @@ class RouterManager extends EventEmitter {
     }
 
     const doc = await states.site.findOne({ id });
-    const updateResult = await states.site.update(
-      { id },
-      { $set: { domainAliases: [...doc.domainAliases, { value: domainAlias, isProtected: false }] } }
-    );
+    const item = { value: domainAlias, isProtected: false };
+    if (type === 'nft-domain') {
+      item.type = type;
+      item.nftDid = nftDid;
+      item.chainHost = chainHost;
+    }
+
+    const updateResult = await states.site.update({ id }, { $set: { domainAliases: [...doc.domainAliases, item] } });
     logger.debug('add domain alias update result', { id, updateResult, domainAlias });
 
+    if (type === 'nft-domain') {
+      const did = getDidFromDomainGroupName(doc.domain); // TODO: 是不是可靠？
+      const didDomain = doc.domainAliases.find((x) => isDidDomain(x.value));
+      const blocklet = await states.blocklet.getBlocklet(did);
+      const nodeInfo = await states.node.read();
+
+      await updateNFTDomainRecord({ name: domainAlias, value: didDomain.value, blocklet, nodeInfo });
+      logger.info('update nft domain record', { domain: domainAlias, didDomain: '', nftDid, id });
+    }
+
     const newSite = await states.site.findOne({ id });
     await attachRuntimeDomainAliases({ sites: newSite, context, node: states.node });
 
@@ -228,12 +244,16 @@ class RouterManager extends EventEmitter {
   }
 
   async deleteDomainAlias({ id, domainAlias: tmpAlias }, context = {}) {
-    const domainAlias = await validateAddDomainAlias(tmpAlias, context);
+    let domainAlias = await validateAddDomainAlias(tmpAlias, context);
+    domainAlias = toLower(domainAlias);
+
     const dbSite = await states.site.findOne({ id });
     if (!dbSite) {
       throw new Error(`site ${id} does not exist`);
     }
 
+    const toDelete = dbSite.domainAliases.find((x) => toLower(x.value) === domainAlias);
+
     dbSite.domainAliases = dbSite.domainAliases.filter((x) => {
       if (typeof x === 'string') {
         return toLower(x) !== domainAlias;
@@ -247,6 +267,18 @@ class RouterManager extends EventEmitter {
 
     await attachRuntimeDomainAliases({ sites: dbSite, context, node: states.node });
 
+    if (toDelete?.type === 'nft-domain') {
+      const blockletDid = getDidFromDomainGroupName(dbSite.domain); // TODO: 是不是可靠？
+      const blocklet = await states.blocklet.getBlocklet(blockletDid);
+      const nodeInfo = await states.node.read();
+
+      revokeAndDeleteNFTDomainRecord({ name: domainAlias, blocklet, nodeInfo })
+        .then(() => logger.info('revoke and delete nft domain record', { domain: domainAlias, blockletDid, id }))
+        .catch((error) =>
+          logger.error('revoke and delete nft domain record failed', { error, domain: domainAlias, blockletDid, id })
+        );
+    }
+
     return dbSite;
   }
 

package/lib/states/node.js

@@ -125,6 +125,7 @@ class NodeState extends BaseState {
       trustedPassports,
       customBlockletNumber: 0,
       webWalletUrl,
+      nftDomainUrl: '', // TODO: Default domain url
     });
 
     if (dek) {

package/lib/states/user-session.js

@@ -0,0 +1,8 @@
+const ExtendBase = require('./base');
+
+/**
+ * @extends BaseState<import('@abtnode/models').UserSession>
+ */
+class UserSession extends ExtendBase {}
+
+module.exports = UserSession;

package/lib/states/user.js

@@ -423,6 +423,16 @@ class User extends ExtendBase {
 
     return result;
   }
+
+  async getPassports(did) {
+    const passports = await this.passport.find({ userDid: did });
+    return passports;
+  }
+
+  async getPassportById(passportId) {
+    const passport = await this.passport.findOne({ id: passportId });
+    return passport;
+  }
 }
 
 module.exports = User;

package/lib/team/manager.js

@@ -28,6 +28,7 @@ const rbacCreationLock = new Lock('rbac-creation-lock');
 
 const States = {
   User: require('../states/user'),
+  UserSession: require('../states/user-session'),
   Passport: require('../states/passport'),
   ConnectedAccount: require('../states/connect-account'),
   Session: require('../states/session'),
@@ -96,6 +97,7 @@ class TeamManager extends EventEmitter {
     this.cache[this.nodeDid] = {
       rbac: await createRBAC({ storage: new MemoryStorage(), data: RBAC_CONFIG }),
       user: await this.createState(this.nodeDid, 'User'),
+      userSession: await this.createState(this.nodeDid, 'UserSession'),
       tag: await this.createState(this.nodeDid, 'Tag'),
       passport: await this.createState(this.nodeDid, 'Passport'),
       connectedAccount: await this.createState(this.nodeDid, 'ConnectedAccount'),
@@ -107,6 +109,10 @@ class TeamManager extends EventEmitter {
     return this.getState(teamDid, 'user');
   }
 
+  getUserSessionState(teamDid) {
+    return this.getState(teamDid, 'userSession');
+  }
+
   getTagState(teamDid) {
     return this.getState(teamDid, 'tag');
   }
@@ -339,10 +345,12 @@ class TeamManager extends EventEmitter {
     const passport = await this.createState(did, 'Passport');
     const connectedAccount = await this.createState(did, 'ConnectedAccount');
     const session = await this.createState(did, 'Session');
+    const userSession = await this.createState(did, 'UserSession');
 
     this.cache[did] = {
       rbac,
       user,
+      userSession,
       tag,
       session,
       passport,

package/lib/util/blocklet.js

@@ -274,6 +274,7 @@ const getAppSystemEnvironments = (blocklet, nodeInfo, dataDirs) => {
 
   const { wallet } = result;
   const appSk = toHex(wallet.secretKey);
+  const appPk = toHex(wallet.publicKey);
   const appId = wallet.address;
   const appName = title || name || result.name;
   const appDescription = description || result.description;
@@ -302,6 +303,7 @@ const getAppSystemEnvironments = (blocklet, nodeInfo, dataDirs) => {
 
   return {
     BLOCKLET_DID: did, // BLOCKLET_DID is always same as BLOCKLET_APP_PID in structV2 application
+    BLOCKLET_APP_PK: appPk,
     BLOCKLET_APP_SK: appSk,
     BLOCKLET_APP_ID: appId,
     BLOCKLET_APP_PSK: appPsk, // permanent sk even the blocklet has been migrated

package/lib/util/federated.js

@@ -0,0 +1,24 @@
+const { WELLKNOWN_SERVICE_PATH_PREFIX } = require('@abtnode/constant');
+const pRetry = require('p-retry');
+const { signV2 } = require('@arcblock/jwt');
+const joinUrl = require('url-join');
+
+const request = require('./request');
+
+async function callFederated({ site, permanentWallet, data, action }) {
+  const url = new URL(site.appUrl);
+  url.pathname = joinUrl(WELLKNOWN_SERVICE_PATH_PREFIX, `/api/federated/${action}`);
+  const result = await pRetry(
+    () =>
+      request.post(url.href, {
+        signer: permanentWallet.address,
+        data: signV2(permanentWallet.address, permanentWallet.secretKey, data),
+      }),
+    { retries: 3 }
+  );
+  return result.data;
+}
+
+module.exports = {
+  callFederated,
+};

package/lib/util/router.js

@@ -1,4 +1,10 @@
 const { BLOCKLET_SITE_GROUP_SUFFIX } = require('@abtnode/constant');
+const axios = require('@abtnode/util/lib/axios');
+const getBlockletInfo = require('@blocklet/meta/lib/info');
+const { stableStringify } = require('@arcblock/vc');
+const { toBase58 } = require('@ocap/util');
+const joinURL = require('url-join');
+const logger = require('@abtnode/logger')('@abtnode/core:router:util');
 
 const getBlockletDomainGroupName = (did) => `${did}${BLOCKLET_SITE_GROUP_SUFFIX}`;
 
@@ -7,7 +13,74 @@ const getDidFromDomainGroupName = (name) => {
   return did;
 };
 
+const getNFTDomainHeaders = ({ wallet, payload }) => ({
+  'x-blocklet-sig': toBase58(wallet.sign(stableStringify(payload))),
+});
+
+const updateNFTDomainRecord = async ({ name, value, blocklet, nodeInfo }) => {
+  const { wallet } = getBlockletInfo(blocklet, nodeInfo.sk);
+
+  const payload = {
+    delegatee: blocklet.appPid,
+    domain: name,
+    record: {
+      name,
+      type: 'CNAME',
+      value,
+    },
+  };
+  try {
+    const { data } = await axios({
+      method: 'POST',
+      url: joinURL(nodeInfo.nftDomainUrl, '/api/domains'), // TODO: 替换为真实地址
+      data: payload,
+      headers: getNFTDomainHeaders({ wallet, payload }),
+    });
+
+    return data;
+  } catch (error) {
+    logger.error('updateNFTDomainRecord error', {
+      error,
+      name,
+      value,
+      delegatee: blocklet.appPid,
+      appPid: blocklet.appPid,
+      resp: error.response?.data,
+    });
+    throw new Error('update nft domain record failed');
+  }
+};
+
+const revokeAndDeleteNFTDomainRecord = async ({ name, blocklet, nodeInfo }) => {
+  const { wallet } = getBlockletInfo(blocklet, nodeInfo.sk);
+
+  const payload = {
+    delegatee: wallet.address,
+    domain: name,
+  };
+  try {
+    const { data } = await axios({
+      method: 'DELETE',
+      url: joinURL(nodeInfo.nftDomainUrl, '/api/domains'),
+      data: payload,
+      headers: getNFTDomainHeaders({ wallet, payload }),
+    });
+
+    return data;
+  } catch (error) {
+    logger.error('revokeAndDeleteNFTDomainRecord error', {
+      error,
+      name,
+      appPid: blocklet.appPid,
+      resp: error.response?.data,
+    });
+    throw new Error('revoke nft domain record failed');
+  }
+};
+
 module.exports = {
   getBlockletDomainGroupName,
   getDidFromDomainGroupName,
+  updateNFTDomainRecord,
+  revokeAndDeleteNFTDomainRecord,
 };

package/lib/validators/node.js

@@ -28,6 +28,15 @@ const nodeInfoSchema = Joi.object({
       zh: { 'string.uriCustomScheme': 'Web Wallet 必须是合法的 URL' },
       en: { 'string.uriCustomScheme': 'Web Wallet must be a valid URL' },
     }),
+  nftDomainUrl: Joi.string()
+    .uri({ scheme: [/https?/] })
+    .label('web wallet url')
+    .allow('')
+    .optional()
+    .messages({
+      zh: { 'string.uriCustomScheme': 'NFT Domain 必须是合法的 URL' },
+      en: { 'string.uriCustomScheme': 'NFT Domain must be a valid URL' },
+    }),
   autoUpgrade: Joi.boolean(),
   enableWelcomePage: Joi.boolean(),
   diskAlertThreshold: Joi.number()

package/package.json

@@ -3,7 +3,7 @@
   "publishConfig": {
     "access": "public"
   },
-  "version": "1.16.17-beta-2679e686",
+  "version": "1.16.17-beta-6f0c7674",
   "description": "",
   "main": "lib/index.js",
   "files": [
@@ -19,19 +19,19 @@
   "author": "wangshijun <wangshijun2010@gmail.com> (http://github.com/wangshijun)",
   "license": "Apache-2.0",
   "dependencies": {
-    "@abtnode/analytics": "1.16.17-beta-2679e686",
-    "@abtnode/auth": "1.16.17-beta-2679e686",
-    "@abtnode/certificate-manager": "1.16.17-beta-2679e686",
-    "@abtnode/constant": "1.16.17-beta-2679e686",
-    "@abtnode/cron": "1.16.17-beta-2679e686",
-    "@abtnode/logger": "1.16.17-beta-2679e686",
-    "@abtnode/models": "1.16.17-beta-2679e686",
-    "@abtnode/queue": "1.16.17-beta-2679e686",
-    "@abtnode/rbac": "1.16.17-beta-2679e686",
-    "@abtnode/router-provider": "1.16.17-beta-2679e686",
-    "@abtnode/static-server": "1.16.17-beta-2679e686",
-    "@abtnode/timemachine": "1.16.17-beta-2679e686",
-    "@abtnode/util": "1.16.17-beta-2679e686",
+    "@abtnode/analytics": "1.16.17-beta-6f0c7674",
+    "@abtnode/auth": "1.16.17-beta-6f0c7674",
+    "@abtnode/certificate-manager": "1.16.17-beta-6f0c7674",
+    "@abtnode/constant": "1.16.17-beta-6f0c7674",
+    "@abtnode/cron": "1.16.17-beta-6f0c7674",
+    "@abtnode/logger": "1.16.17-beta-6f0c7674",
+    "@abtnode/models": "1.16.17-beta-6f0c7674",
+    "@abtnode/queue": "1.16.17-beta-6f0c7674",
+    "@abtnode/rbac": "1.16.17-beta-6f0c7674",
+    "@abtnode/router-provider": "1.16.17-beta-6f0c7674",
+    "@abtnode/static-server": "1.16.17-beta-6f0c7674",
+    "@abtnode/timemachine": "1.16.17-beta-6f0c7674",
+    "@abtnode/util": "1.16.17-beta-6f0c7674",
     "@arcblock/did": "1.18.92",
     "@arcblock/did-auth": "1.18.92",
     "@arcblock/did-ext": "^1.18.92",
@@ -42,11 +42,11 @@
     "@arcblock/pm2-events": "^0.0.5",
     "@arcblock/validator": "^1.18.92",
     "@arcblock/vc": "1.18.92",
-    "@blocklet/constant": "1.16.17-beta-2679e686",
-    "@blocklet/env": "1.16.17-beta-2679e686",
-    "@blocklet/meta": "1.16.17-beta-2679e686",
-    "@blocklet/resolver": "1.16.17-beta-2679e686",
-    "@blocklet/sdk": "1.16.17-beta-2679e686",
+    "@blocklet/constant": "1.16.17-beta-6f0c7674",
+    "@blocklet/env": "1.16.17-beta-6f0c7674",
+    "@blocklet/meta": "1.16.17-beta-6f0c7674",
+    "@blocklet/resolver": "1.16.17-beta-6f0c7674",
+    "@blocklet/sdk": "1.16.17-beta-6f0c7674",
     "@did-space/client": "^0.3.11",
     "@fidm/x509": "^1.2.1",
     "@ocap/mcrypto": "1.18.92",
@@ -101,5 +101,5 @@
     "jest": "^27.5.1",
     "unzipper": "^0.10.11"
   },
-  "gitHead": "abbe4a479b379552cd9ebd8c27732b360844cb73"
+  "gitHead": "8123f54b0f572c47f1ea704607aae113576c2a76"
 }